Microsoft Malware Protection Center

Threat Research & Response Blog

Browse by Tags

  • Blog Post: Analysis of the Eleonore exploit pack shellcode

    '‚ÄčEleonore ' is a malware package that contains a collection of exploits used to compromise web pages. When the compromised web pages are viewed via vulnerable systems, the exploit payload is run. Eleonore is purchased by an attacker from an underground website. The attacker then gains access to Internet...
  • Blog Post: My Sweet Valentine - the CIFS Browser Protocol Heap Corruption Vulnerability

    On Valentine's Day, an anonymous researcher announced a previously undisclosed SMB (Server Message Block) vulnerability affecting the CIFS (Common Internet File System) browser service. Along with the vulnerability, the researcher also posted Proof-of-Concept (PoC) exploit code showing exactly how to...
  • Blog Post: Nobel Prize site hacked, delivers malware

    Yesterday (Oct 26, 2010), MMPC researchers learned that the Nobel Peace Prize website " nobelprize.org " was hacked and users browsing the site using Firefox versions 3.5 and 3.6 may have received malware. The malware is delivered by way of a malicious JavaScript that exploits a vulnerability...
  • Blog Post: Analysis of the CVE-2011-0611 Adobe Flash Player vulnerability exploitation

    About a month ago, we blogged about an Adobe Flash Player vulnerability ( CVE-2011-0609 ) that was actively exploited in the wild. That exploit was hidden inside a Microsoft Excel document. Over the weekend, a new Adobe Flash Player 0-day ( CVE-2011-0611 ) was reported by Adobe in a recent advisory ...